I'm trying to add a "custom" value to the 3rd party checkout PayPal option. The problem I'm having is the PHP variable is being displayed on the screen. I'm passing the shopping cart values in a session variable.
if(isset($_SESSION['checkout'])){
$orderData = '<table border="1"><th style="width:80px">Item</th>
<th sytle="width:250px">Size</th>
<th style="width:60px">Quantity</th>';
for ($i=0; $i<count($_SESSION['checkout']); $i++){
$orderData .= '<tr><td style="text-align:center">'.$_SESSION['checkout'][$i][0].'</td><td style="text-align:center">'.$_SESSION['checkout'][$i][1].'</td><td style="text-align:center">'.$_SESSION['checkout'][$i][2].'</td></tr>';
}
}
I want that table to be passed along, and based on the PayPal documentation, all I need to do is include it. I'm echoing out the PayPal form like this:
echo '<form>
//other hidden values
<input type="hidden" name="custom" value="'.$orderData.'">
//input submit button here
</form>
And like I said, the input is supposed to be hidden, but it gets displayed before the PayPal button. How come?
UPDATE: Those code passes the amount perfectly:
<input type="hidden" name="amount" value="';?><?php if(isset($_SESSION['disc'])){print_r($_SESSION['disc']);}?><?php echo '">
It doesn't display on the page but the variable amount is correct in the page source.
UPDATE2: Here's my entire cart script:
echo '<div style="position:absolute; left:770px; top:50px">
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="myemail#example.com">
<input type="hidden" name="item_name" value="Merchandise">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="no_shipping" value="0">
<input type="hidden" name="custom" value="'.$orderData.'">
<input type="hidden" name="return" value="backtomywebsite.com">
<input type="hidden" name="cancel_return" value="backtomywebsite.com">
<input type="hidden" name="amount" value="';?><?php if(isset($_SESSION[$disc])){print_r($_SESSION[$disc]);}?><?php echo '">
<input type="image" src="http://www.mywebsite.com/images/BuyNow.png" name="submit" alt="Make payments with PayPal - it\'s fast, free and secure!" width="300" height="204">
</form>
</div>';
The script works when instead of $orderData I have a print_r session with the item information. That information gets sent to my paypal account but it is in an array form and looks ugly. If there was a way to make everything (member information, order information) into a php variable and pass it into the custom field, that would be great. Anyway...here's what is on the screen:
Hope you're still willing to help me out.
What do you mean it gets displayed before the PayPal button? If you are viewing the source code of the page, you will see the value in the page.
If you are saying you are passing amount over, but are not seeing it you may be using the wrong variable. The variable amount is a valid PayPal variable but depending what button you are specifically using the amount varialbe is slightly different. I could not tell from your code as I didn't see what you were passing over for "cmd", but if you are using a buy now button or an add to cart button that the variable "amount" would be the correct variable to use. If you are usnig the cart upload method, then you want to use the variable "amount_x". So if I passed two items over, and the first one was 0.99 and the second was 1.99 I would pass over the variable/value of "amount_1=0.99" and "amount_2=1.99".
Related
I just want to call the id value of one page in another page, but it has not been working for me for a long time. I have given the id value to the form as "addedcart" and called in php code but it is not displaying any cart value. Is it correct to call an id like this? Because I don't know perfectly about php. The form which I want to be called is given below:
<?php
$addedcart = $_POST['addedcart'];
$formcontent="Items in cart: $addedcart";
mail($recipient,$subject,$formcantent,$headers) or die("Error!");
?>
<form action="" method="post" class="last" id="addedcart">
<fieldset>
<input type="hidden" name="business" value="info#domain.com" />
<input type="hidden" name="cmd" value="_cart" />
<input type="hidden" name="display" value="1" />
<input type="image" name="submit" src="images/cart.png" class="button"/>
</fieldset>
</form>
From the limited information we have, I can see two possible solutions:
Solution 1: $_SESSION variable
Start your PHP code with session_start(); and make $_SESSION['addedcart'] equal to what you want. This will carry over to any page that uses session_start(); and can't be changed by the end-user.
Solution 2: Hidden Form Input
Add the following to the form:
<input type="hidden" name="addedcart" value="<?php echo $addedcart ?>" />
The downside of this method is that a user can change these values in the Developer tools in Chrome/Firefox.
I have created a non-hosted PayPal-Button with a text input to let users define an amount to pay. It's a subscription button.
Now the problem is that there must be a minimum amount to pay, say 101 (CHF - Swiss francs).
According to the docs of PayPal HTML-Variables I have the possibility to add the following vars in hidden inputs to my form to get it to work.
set_customer_limit with a value of max_limit_own
min_amount with a value of 101
The set_customer_limit is working but not the min_amount. Any amount is accepted.
I opened a ticket at the technical support, but no reply till now.
Here's my form:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_xclick-subscriptions">
<!-- //... -->
<input type="hidden" name="cancel_return" value="mydomain.com/cancel">
<input type="hidden" name="return" value="mydomain.com/paid">
<input type="hidden" name="token" value="<?php echo $token; ?>">
<input type="hidden" name="src" value="1">
<input type="text" name="a3" value="101.00">
<input type="hidden" name="p3" value="1">
<input type="hidden" name="t3" value="Y">
<input type="hidden" name="currency_code" value="CHF">
<input type="hidden" name="bn" value="PP-SubscriptionsBF:btn_subscribeCC_LG.gif:NonHostedGuest">
<!-- the concerned inputs -->
<input type="hidden" name="set_customer_limit" value="max_limit_own">
<input type="hidden" name="min_amount" value="101">
<!-- ---- -->
<input type="image" src="https://www.paypalobjects.com/de_DE/CH/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="Jetzt einfach, schnell und sicher online bezahlen – mit PayPal.">
<img alt="" border="0" src="https://www.paypalobjects.com/de_DE/i/scr/pixel.gif" width="1" height="1">
</form>
As for the moment, I just validate the minimum amount with JavaScript, which isn't really secure...
EDIT
As an idea, I could implement another form (submit it by AJAX, onchange, onkeyup, whatever), which sets the minimum amount given by the user before the PayPal-form and put it into the PayPal-input then (set to hidden again):
<input type="hidden" name="a3" value="<?php echo $_POST['pre_min_amount'] ?>">
That way I could validate the minimum amount with PhP, before submitting the PayPal-form. But that doesn't seem a clean way to me. Really Glad if anybody could give me a hint!
The answer of the PayPal technical support is: No it is not possible!
(Date of answering was 05/02/2015) Hopefully, this will be possible in the future. If so please post your answer!
I'd really suggest using the PayPal API for this kind of thing (including creating a developer account, byting thru the docs, etc).
So this "solution" is a quick & dirty workaround.
First, add a small form (I call it the min_amount -form for now) to the page (telling the user, he has to set the amount first):
<form id="min_amount" method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
<input type="text" id="pre_min_amount" name="pre_min_amount" value="101">
<input type="submit" value="Set min. Amount">
</form>
Then, add the whole PayPal form to a PHP variable with NowDoc and add the posted value from the min_amount-form to the a3 input:
$min_amount = 0;
$payPalForm = <<<SOME
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<!-- //... -->
<input type="hidden" name="a3" value="$min_amount">
</form>
SOME;
After submitting, check if the minimum amount is true and then only show the PayPal-form:
if (isset($_POST['pre_min_amount']) && is_numeric($_POST['pre_min_amount']) && floatval($_POST['pre_min_amount']) >= 101) {
$min_amount = htmlspecialchars($_POST['pre_min_amount']);
echo $payPalForm;
}
As I said, it's quick and dirty (no more time for this project), but you ensure to validate the minimum amount on the server-side, not just with Javascript. You could also submit the min_amount-form with an AJAX call, but then the return of this call is on the client-side, which isn't really secure either. (Sure you may also)
BTW, I am not proud of this solution at all, but sometimes, a programmers life is hard and I'm sure all you coders out there had to do some q&d code somehow, somewhere ;-)...
Update: 08/05/2015
All depends on the country in which the concerning account is registered. Full services guaranted by PayPal only in the USA and Canada
I'm have an issue with Paypal, i'm using a simple form :
<html>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="boukhersya#gmail.com">
<input type="hidden" name="item_name" value="DEMANDE D ETUDE PERSONNALISEE">
<input type='hidden' name='rm' value='2'>
<input type="hidden" name="amount" id=val value="79">
<input type="hidden" name="currency_code" value="EUR">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="hidden" name="notify_url" value= "http://<?php echo $_SERVER['SERVER_NAME'];?>/etude-gratuite.php" >
<input type="hidden" name="cancel_return" value="http://<?php echo $_SERVER['SERVER_NAME'];?>/etude-personalisee/test.php">
<input type="hidden" name="return" value="http://<?php echo $_SERVER['SERVER_NAME'];?>/etude-personalisee/paimentconfirme.php">
<input type="submit" value="Payer votre commande">
</form>
I want to return the email used in the payment, so i can know which user has paid
so i can get the email in the page test.php, can i do that with PDT ??
You can pass the field "custom" to pyapal and it will pass it back to you when the transaction is completed. You may want to use your user ID rather than an email address though.
<input type="hidden" name="custom" value="email#address.com">
https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/Appx_websitestandard_htmlvariables/
The way it works is: you use these hidden input values on for your paypal button. When the user is transferred to paypal all of these values are sent with it. One of the values you use is name="notify_url" when the user completes checkout paypal posts the checkout information to that url. In the case of php you do something like this:
$useremail = $_POST['custom']
Any custom information you want to have returned to you needs to go in the custom field. I use some kind of delimiter if I want more pieces of information returned, like this:
<input type="hidden" name="custom" value="user#email.com-firstname-userID">
Then you just explode the data:
$paypalvars = explode("-", $_POST['custom']);
$email = $paypalvars[0];
$firstName = $paypalvars[1];
$userID = $paypalvars[2];
Whatever value is in the custom filed will be posted back to your notify_url exactly the same way you give it to paypal.
You could use the Paypal IPN API to handle this.
Simply set up IPN within your Paypal account and then create a file which will manage the data that gets sent back upon payment.
This includes their email address too!
Note that the <input type="hidden" name="notify_url"> should be the input used to direct to test.php because at the moment, the information that will get passed back to you will be sent to the etude-gratuite.php
Hello I would like to create a paypal buy button which has a dynamic set amount.
I would like to pass the amount by a text input field within the form and the item_number by a hidden field.
The issue is that what ever I do I get a encrypted s-xclick button from the paypal website.
This button does not allow hidden variables being placed in the form.
I think what I need is a xclick button. My goal is to allow users to increase their internally credit of my website.
EDIT (moving the addition to the question from the answer to the question)(from here #tokam:
To add this to the discussion I would like to show my current solution for the problem:
Here we have some Javascript validation which helps the user with the input. Recognize that it opens a lightbox on success
function validatePaypalForm()
{
var val = $('#paypalPaymentAmount').val().replace(/\s*$/, "").replace(/,/ , ".").replace(/€$/, "");
var errormsg = '';
var ret, amountField;
if( val==='' || isNaN( parseFloat(val) ) || !isFinite(val) )
{
errormsg = 'Bitte geben Sie einen gültigen Betrag an';
}else if( parseFloat( val ) < <?php echo $this->minimum?> )
{
errormsg = 'Das Einzahlungsminimum beträgt <?php echo $this->minimum?>€';
}
ret = ( errormsg === '' );
amountField = $( '#paypalAmountField' );
if( ret )
{
amountField.removeClass( 'error' );
$('#paypalAmountErrorMessage').html( ' ' );
$('#paypalPaymentAmount').val( val );
fb.start(
'<p><strong>Sie werden in kürze zur Seite von Paypal weitergeleitet.</strong></p>',
'width:700 showPrint:false modal:true showClose:false showOuterClose:true showItemNumber:false closeOnNewWindow:false outsideClickCloses:true innerBorder:0 imageClickCloses:false scrolling: no'
);
}else{
amountField.addClass( 'error' );
$('#paypalAmountErrorMessage').html( errormsg );
}
return ret;
}
Here comes my button now. The issues I am having with are e.g. that it is easy for the user to set an other currency code. I could handle this in my IPN Listener by refunding the payment. Are there other issues which come with an unencrypted changeable button?
<form onsubmit="return validatePaypalForm();" class="stn-form" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<fieldset id="fieldset-p"><legend><span>2.</span>myproject Guthaben aufladen per Paypal Zahlung</legend>
<div id='paypalAmountField' class="field">
<label for='paypalPaymentAmount' >Betrag €:</label>
<input id='paypalPaymentAmount' type="text" name='amount' value='' />
<span style='display:block;' id='paypalAmountErrorMessage' class='errorText'>' </span>
</div>
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="THE_ID_OF_MY_CLIENT">
<input type="hidden" name="lc" value="DE">
<input type="hidden" name="item_name" value="myproject Advertiser Vorkasse">
<input type="hidden" name='item_number' value="11500">
<input type="hidden" name="currency_code" value="EUR">
<input type="hidden" name="button_subtype" value="services">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="bn" value="PP-BuyNowBF:btn_paynowCC_LG.gif:NonHosted">
<input type="hidden" name="rm" value="1">
<input type="hidden" name='cbt' value="Zu myproject.de zurückkehren">
<input type="hidden" name="currency_code" value="EUR">
<input type="hidden" name="return" value="http://myproject.somedomain.net/advertiser/guthaben-aufladen/ret/success" />
<input type="hidden" name="cancel_ return" value="http://myproject.somedomain.net/advertiser/guthaben-aufladen/ret/canceled" />
<div class="actionrow">
<input type="image" src="https://www.paypalobjects.com/de_DE/DE/i/btn/btn_paynowCC_LG.gif" border="0" name="submit" alt="Jetzt einfach, schnell und sicher online bezahlen – mit PayPal.">
<img alt="" border="0" src="https://www.paypalobjects.com/de_DE/i/scr/pixel.gif" width="1" height="1">
</div>
</fieldset>
</form>
The reason you can't override the amount dynamically, is because you have a so-called 'PayPal hosted button'.
With a hosted button, the amount is stored on PayPal's side and can't be overwritten with the 'amount' variable.
You'll either want to use a non-hosted button, or use the BMUpdateButton API call to dynamically update the button's amount.
To use a non-hosted button, simply find 'Step 2' in the button creation tool and untick 'Host button with PayPal'.
Option 2:
Still use the hosted button, and use the BMUpdateButton API to update the amount. An example request for BMUpdateButton would look as follows:
USER=Your API username
PWD=Your API password
SIGNATURE=Your API signature
VERSION=82.0
HOSTEDUBTTONID=The value of <input type="hidden" name="hosted_button_id" value="">
BUTTONTYPE=The type of button. E.g. BUYNOW
BUTTONCODE=The type of code you want to get back. E.g. HOSTED
L_BUTTONVAR0=amount=The new amount with a period as separator
L_BUTTONVAR1=item_name=Optional: a new item name if you wish
Similary, you could also use the BMCreateButton API to create a new button, or use the BMButtonSearch API to search through a list of all your stored hosted buttons (to find the hosted_button_id of your button automatically, for example)
The reason to use a hosted button is because it's more secure. A non-hosted, unencrypted button would basically leave the amounts open to manipulation. Fraudulent transactions waiting to happen.
you shouldn't use xclick which isn't encrypted . the way I solved this is using paypal button api - with some kind of caching in the client so you won't do the whole http request response every time.
note that paypal uses 2 types of api - the NVP which is sort of restful (also not really) and SOAP (I used the NVP method)
you could also generate the the encrypted button in your server using openssl - but I run into unsolvable problems with this method and couldn't get any help for that either here or in paypal horrible developer forums
edit: the problem with not encrypted buttons are that anyone using firebug (not talking about more advanced tools) could interecept a payment and change the cost etc'..
If you insist in that direction you could follow the simple html form from paypal to create this button. you do it in paypal site and create an unencrypted button and then just edit the html and change the needed field to <?php $variable?>. I would strongly advice against this path.
I think this might work for you if you update ... "you#yoursite.com" ... it's non encrypted and still seems to host on paypal's site for clearing
drop the: value="my_default_price"
if you want the user to enter it into a blank text box ... for my page, prices are tied to the price of gold, so I have to dynamically update the variable "amount" and i just leave off value=
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="you#yoursite.com">
<input type="hidden" name="item_name" value="example description">
<input type="hidden" name="item_number" value="">
<input type="text" name="amount" value="my_default_price">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://www.yoursite.com/returnpage.php">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0" name="submit" alt="Make your payments with PayPal. It is free, secure, effective.">
<img alt="" border="0" src="https://www.paypal.com/it_IT/i/scr/pixel.gif" width="1" height="1">
</form>
I am facing this problem from last month. First i was able to get value back from paypal.
Now I am not able to get back value from paypal.
I am using following code.
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post" style="padding: 0; margin: 0;">
<input type="hidden" name="cmd" value="_xclick/" />
<input type="hidden" name="business" value="my_bussiness_id" />
<input type="hidden" name="quantity" value="1" />
<input type="hidden" name="item_name" value="item" />
<input type="hidden" name="item_number" value="1" />
<input type="hidden" name="amount" value="item_price" />
<input type="hidden" name="shipping" value="0" />
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="notify_url" value="Your_notify_url">
<input type="hidden" name="currency_code" value="GBP" />
<input type="hidden" name="rm" value="2" >
<input type="hidden" name="return" value="your return url">
<input type="image" border="0" name="paypal" src="images/btn_paypal_nl.gif" onClick="" />
</form>
Thanks in advance..
Kanji
There's actually two methods of getting the data back--a return URL that posts upon completion with return values (I've not been terribly lucky making that work) then a separate function that sends you a post upon completion of a transaction to a separate page on your site, where you can collect back all the variables you posted to the site. I suggest the latter because on a buy it now page there's a possibility of the user not being returned to the site because the return button UI is pretty weak on PayPal's end.
To set it up you'd log in to your PayPal account, click on myaccount > profile > website payment preferences. Enabling the "payment data transfer" will do the trick. Once you've got it setup correctly, upon completion of a transaction it'll send to the page of your choice a post of everything you sent it....remember, you can send in variables such as Name, Address, etc just by defining them properly in the form. All the variables available are found here
Don't forget to build a sandbox site to test! Good Luck.
What I have normally done is this:
You see where you got notify_url as a hidden tag, use that for paypal to send you information about the transaction.
The url you put down should be a file on your server that will then do some logic, i.e. update your database that everything was ok, send out notification email of order, etc, etc
When paypal talks to this page, altho cant see the process, everything is sent via $_POST.
What I do as a test is i loop thru the $_POST array and send myself an email so I know what values have been posted back to me.
//paypal variables
$message = "<h1>Paypal variables</h1>";
foreach($_POST as $key => $value)
{
$message.= $key . " - " . $value . "<br />";
}
Link below gives you more info.
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_admin_IPNIntro